NetBSD Problem Report #58594

From www@netbsd.org  Wed Aug 14 02:46:20 2024
Return-Path: <www@netbsd.org>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256
	 client-signature RSA-PSS (2048 bits) client-digest SHA256)
	(Client CN "mail.NetBSD.org", Issuer "mail.NetBSD.org CA" (not verified))
	by mollari.NetBSD.org (Postfix) with ESMTPS id 279791A9242
	for <gnats-bugs@gnats.NetBSD.org>; Wed, 14 Aug 2024 02:46:20 +0000 (UTC)
Message-Id: <20240814024619.18C621A9243@mollari.NetBSD.org>
Date: Wed, 14 Aug 2024 02:46:19 +0000 (UTC)
From: campbell+netbsd@mumble.net
Reply-To: campbell+netbsd@mumble.net
To: gnats-bugs@NetBSD.org
Subject: Kernel FIOASYNC/FIOSETOWN/FIOGETOWN protocol is incoherent
X-Send-Pr-Version: www-1.0

>Number:         58594
>Category:       kern
>Synopsis:       Kernel FIOASYNC/FIOSETOWN/FIOGETOWN protocol is incoherent
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Wed Aug 14 02:50:00 +0000 2024
>Originator:     Taylor R Campbell
>Release:        current, 10, 9, ...
>Organization:
The NetBSD SIGIOdation
>Environment:
>Description:
Various drivers implement FIOASYNC/FIOSETOWN/FIOGETOWN in their own ways.  The kernel provides fsetown/fgetown/fownsignal(9), but the usage rules aren't clear enough:

1. Is the caller required to serialize these?  (Probable answer: yes)

2. Can these be used in interrupt context (or under a spin lock), or in soft interrupt context?  (Probable answer: no, but bpf(4) does try to use fownsignal(9) like that.)

3. What happens if the process terminates and the pid/pgid is recycled?  (Probable answer: nothing good; I don't see anywhere the kernel might clean up the references, in case the file in question is held by a different process.)
>How-To-Repeat:
code inspection
>Fix:
1. Clarify the man page.
2. Figure out how to deal with cleanup.  Maybe provide an opaque `struct fown' data structure for callers to wire up the weak references for concurrent teardown on process termination.
3. Audit all the callers.

NetBSD Home
NetBSD PR Database Search

(Contact us) $NetBSD: query-full-pr,v 1.47 2022/09/11 19:34:41 kim Exp $
$NetBSD: gnats_config.sh,v 1.9 2014/08/02 14:16:04 spz Exp $
Copyright © 1994-2024 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.